Test grok patterns This tries to parse a set of given logfile lines with a given grok regular expression (based on Oniguruma regular expressions ) and prints the matches for named patterns for each log line. You can also apply a multiline filter first.Please enter some loglines for which you want to check a grok pattern, the grok expression that should match these, mark the pattern libraries you draw your patterns from and then press You can also just try this out with a random example Some log lines you want to match. PLEASE NOTE: For the construction algorithms you should use SEVERAL LINES that should match the pattern, and choose lines that are as diverse as possible. That reduces the search space. The more, the better (within reasonable limits, of course). The (unquoted!) pattern that should match all logfile lines.(Please keep in mind that the whole log line / message is searched for this pattern; if you want this to match the whole line, enclose it in ^ $ or \A \Z. This speeds up the search - especially if the pattern is not found.) Please mark the libraries of grok Patterns from logstash v.2.4.0 which you want to use. You probably want to use grok-patterns if you use any of the others, since they rely on the basic patterns defined there. firewalls aws bro exim bind haproxy linux-syslog squid mcollective-patterns bacula postgresql java maven grok-patterns httpd redis nagios rails mongodb ruby mcollective junos You can also provide a library of some additional grok patterns in the same format as the pattern files linked above. On each line you give a pattern name, a space and the pattern. For example: WORD \b\w+\b If you want to use logstash's multiline filter please specify the used pattern (can include grok Patterns): negate the multiline regex